Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-51355 |
Description: Missing Authorization vulnerability in MultiVendorX WC Marketplace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WC Marketplace: from n/a through 4.0.23.
CVSS: HIGH (8.2) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-49856 |
Description: Missing Authorization vulnerability in RedNao Smart Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Forms: from n/a through 2.6.84.
CVSS: HIGH (8.1) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-49831 |
Description: Missing Authorization vulnerability in Metagauss User Registration Forms RegistrationMagic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RegistrationMagic: from n/a through 5.2.3.0.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-49817 |
Description: Missing Authorization vulnerability in heoLixfy Flexible Woocommerce Checkout Field Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flexible Woocommerce Checkout Field Editor: from n/a through 2.0.1.
CVSS: HIGH (8.2) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-49158 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LadiPage LadiApp allows Stored XSS.This issue affects LadiApp: from n/a through 4.4.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-48286 |
Description: Missing Authorization vulnerability in Tips and Tricks HQ, wptipsntricks Stripe Payments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stripe Payments: from n/a through 2.0.79.
CVSS: HIGH (8.2) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-47698 |
Description: Missing Authorization vulnerability in Artisan Workshop Japanized For WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Japanized For WooCommerce: from n/a through 2.6.4.
CVSS: HIGH (8.6) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-4418 |
Description: A remote unprivileged attacker can sent multiple packages to the LMS5xx to disrupt its availability through a TCP SYN-based denial-of-service (DDoS) attack.
By exploiting this vulnerability, an attacker can flood the targeted LMS5xx with a high volume of TCP SYN requests, overwhelming its resources and causing it to become unresponsive or unavailable for legitimate users.
CVSS: HIGH (7.5) EPSS Score: 0.12%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-43699 |
Description:
Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU
allows an unprivileged remote attacker to guess the password via trial-and-error as the login attempts
are not limited.
CVSS: HIGH (7.5) EPSS Score: 0.19%
December 10th, 2024 (4 months ago)
|
|
CVE-2023-31412 |
Description: The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an attacker manages to retrieve the hash, it could lead to collision attacks and the potential retrieval of the password.
CVSS: HIGH (7.5) EPSS Score: 0.14%
December 10th, 2024 (4 months ago)
|